
Patch Tuesday October 2024

Brock Bingham | October 8, 2024

Welcome to our October 2024 Patch Tuesday roundup, AKA, the spooky edition. Unfortunately, at my age, scary movies don’t really have the same impact as they did when I was a kid. However, these days, the mere thought of a production device with unpatched vulnerabilities gets my heart racing, even though my doctor blames it on the energy drinks. What does he know?

Luckily, Patch Tuesday is here to remediate all those pesky vulnerabilities (and hopefully not make things worse). Here are all the scary details.

  • Total vulnerabilities patched: 118

  • Critical patches: 3

  • Already known or exploited: 5

Some highlights (or lowlights) 

  • CVE-2024-43468: First up, and our highest rated vulnerability this month, is CVE-2024-43468. This is a flaw in Microsoft Configuration Manager that allows an attacker to execute commands on an impacted system by sending malicious requests to a targeted environment. If you're using Configuration Manager version 2403, 2309, or 2303, you should get this patched as soon as possible. Remediation involves an in-console update, for which Microsoft has a guide.

  • CVE-2024-43582: Next up, we have a vulnerability that would allow an attacker to gain elevated remote code execution by sending malicious Remote Procedure Call (RPC) requests. To successfully exploit this vulnerability, an attacker would need to win a race condition — which, while complex, is not impossible. While it's a good idea to get this patched, it may be an even better idea to limit RPC to your internal network, limiting the attack vector of future CVEs.

  • CVE-2024-6197: Last, but certainly not least, is CVE-2024-6197. Rated an 8.8, this vulnerability could lead to remote code execution by connecting to a malicious server using curl. Luckily, curl is only used by applications and scripts all over the world ... Oh wait, I meant to say unluckily. The fact that this CVE is already publicly known just makes it that much worse. Needless to say, get this patched as soon as possible.

Wrapping up

118 CVEs is a pretty scary number, at least until you remember that you automated your entire patch management process with PDQ Connect. And for you stragglers who are still patching things the hard way, what are you waiting for? Here’s a step-by-step process to get you started.

  1. Consume a few dozen Pixy Stix (optional, but recommended).

  2. Download a free trial of PDQ Connect.

  3. Automate all the things.



Brock Bingham

Born in the '80s and raised by his NES, Brock quickly fell in love with everything tech. With over 15 years of IT experience, Brock now enjoys the life of luxury as a renowned tech blogger and receiver of many Dundie Awards. In his free time, Brock enjoys adventuring with his wife, kids, and dogs, while dreaming of retirement.
